From 8a7ec6b45221f042bc39c9bce2c577e12b43cc3a Mon Sep 17 00:00:00 2001 From: Murtuza Zabuawala Date: Wed, 9 Mar 2016 17:10:03 +0000 Subject: [PATCH] Update "parse_priv_to_db" function to return list a instead of a string. This will also allow us to operate on individual privileges & also we needed this functionality for column nodes. For example, *Earlier:* priv was string GRANT {{ priv }} ON {{ type }} TO {{ conn|qtIdent(role) }}; *Now:* priv will be List, which we need to handle in jinja templates. GRANT *{{ priv|join(', ') }}* ON {{ type }} TO {{ conn|qtIdent(role) }}; --- .../templates/macros/default_privilege.macros | 20 +++++++++---------- .../servers/templates/macros/privilege.macros | 10 +++++----- .../browser/server_groups/servers/utils.py | 12 +++++------ 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/web/pgadmin/browser/server_groups/servers/templates/macros/default_privilege.macros b/web/pgadmin/browser/server_groups/servers/templates/macros/default_privilege.macros index d612760a3..5135d619d 100644 --- a/web/pgadmin/browser/server_groups/servers/templates/macros/default_privilege.macros +++ b/web/pgadmin/browser/server_groups/servers/templates/macros/default_privilege.macros @@ -1,11 +1,11 @@ -{% macro APPLY(conn, type, role, priv, with_grant) -%} -{% if priv %} +{% macro APPLY(conn, type, role, privs, with_grant_privs) -%} +{% if privs %} ALTER DEFAULT PRIVILEGES - GRANT {{ priv }} ON {{ type }} TO {{ conn|qtIdent(role) }}; +GRANT {{ privs|join(', ') }} ON {{ type }} TO {{ conn|qtIdent(role) }}; {% endif %} -{% if with_grant %} +{% if with_grant_privs %} ALTER DEFAULT PRIVILEGES - GRANT {{ with_grant }} ON {{ type }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; +GRANT {{ with_grant_privs|join(', ') }} ON {{ type }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; {% endif %} {%- endmacro %} {% macro RESETALL(conn, type, role) -%} @@ -13,14 +13,14 @@ ALTER DEFAULT PRIVILEGES REVOKE ALL ON {{ type }} FROM {{ conn|qtIdent(role) }}; {%- endmacro %} {### To allow create macro for specific database object ###} -{% macro SET(conn, db_object_type, db_object_name, type, role, priv, with_grant) -%} -{% if priv %} +{% macro SET(conn, db_object_type, db_object_name, type, role, privs, with_grant_privs) -%} +{% if privs %} ALTER DEFAULT PRIVILEGES IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }} - GRANT {{ priv }} ON {{ type }} TO {{ conn|qtIdent(role) }}; +GRANT {{ privs|join(', ') }} ON {{ type }} TO {{ conn|qtIdent(role) }}; {% endif %} -{% if with_grant %} +{% if with_grant_privs %} ALTER DEFAULT PRIVILEGES IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }} - GRANT {{ with_grant }} ON {{ type }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; +GRANT {{ with_grant_privs|join(', ') }} ON {{ type }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; {% endif %} {%- endmacro %} {% macro UNSET(conn, db_object_type, db_object_name, type, role) -%} diff --git a/web/pgadmin/browser/server_groups/servers/templates/macros/privilege.macros b/web/pgadmin/browser/server_groups/servers/templates/macros/privilege.macros index 1d6660c88..31b5e3869 100644 --- a/web/pgadmin/browser/server_groups/servers/templates/macros/privilege.macros +++ b/web/pgadmin/browser/server_groups/servers/templates/macros/privilege.macros @@ -1,9 +1,9 @@ -{% macro APPLY(conn, type, role, param, priv, with_grant) -%} -{% if priv %} -GRANT {{ priv }} ON {{ type }} {{ conn|qtIdent(param) }} TO {{ conn|qtIdent(role) }}; +{% macro APPLY(conn, type, role, param, privs, with_grant_privs) -%} +{% if privs %} +GRANT {{ privs|join(', ') }} ON {{ type }} {{ conn|qtIdent(param) }} TO {{ conn|qtIdent(role) }}; {% endif %} -{% if with_grant %} -GRANT {{ with_grant }} ON {{ type }} {{ conn|qtIdent(param) }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; +{% if with_grant_privs %} +GRANT {{ with_grant_privs|join(', ') }} ON {{ type }} {{ conn|qtIdent(param) }} TO {{ conn|qtIdent(role) }} WITH GRANT OPTION; {% endif %} {%- endmacro %} {% macro RESETALL(conn, type, role, param) -%} diff --git a/web/pgadmin/browser/server_groups/servers/utils.py b/web/pgadmin/browser/server_groups/servers/utils.py index 80a68a12b..cc7d8facb 100644 --- a/web/pgadmin/browser/server_groups/servers/utils.py +++ b/web/pgadmin/browser/server_groups/servers/utils.py @@ -75,12 +75,12 @@ def parse_priv_to_db(str_privileges, allowed_acls = []): priv_without_grant.append( db_privileges[privilege['privilege_type']] ) - - priv_with_grant = ", ".join(priv_with_grant) \ - if len(priv_with_grant) < allowed_acls_len else 'ALL' - priv_without_grant = ", ".join(priv_without_grant) \ - if len(priv_without_grant) < allowed_acls_len else 'ALL' - + # If we have all acl then just return all + if len(priv_with_grant) == allowed_acls_len: + priv_with_grant = ['ALL'] + if len(priv_without_grant) == allowed_acls_len: + priv_without_grant = ['ALL'] + # Appending and returning all ACL privileges.append({ 'grantee': priv['grantee'], 'with_grant': priv_with_grant,